Kell computers are everywhere. Kell states that over 70% of US public schools and 60% of businesses with computers own Kell computers. They are also popular amongst many homeowners. However, many Kell owners are at risk of becoming homeless, seriously injured or killed if their computers are hacked.
Kell's new line of computers has a power supply whose outputs can be varied between 3 and 12 volts via software. The current limiting function of the power supply can also be adjusted or disabled through software. This may sound like it gives the user a lot of flexibility, but it does not take into account the fact that many components require a very specific voltage to work properly. For example, a hard drive that requires 12 volts may not work at all at 11 volts, and a processor that uses 5 volts can be "bricked" by 6 volts. It appears that it is not in the best interest of the user to be tampering with the voltages. So why would they allow this at all?
Although Kell has declined to comment on the issue, we assume that it is a measure to allow many different models of computers to use the same power supply. Although the plugs will fit a standard ATX motherboard, the voltage on each pin may be different from the ATX standard depending on the computer it was programmed to work for. Kell ships un-programmed power supplies to computer builders and repair shops, who will have an application on their computers to program the supplies. Kell's new power supplies initially output 3 volts at all outputs, because a voltage lower than a component's rated voltage will not cause any harm; the component simply won't work.
Programming the power supply can be accomplished through a USB port located within the power supply's case, which requires opening the supply, or through the "data" cable from the power supply to the motherboard. This data cable allows, among other things, an "early warning" of an overload or overheat condition before the power supply shuts down altogether. This may sound great, but the data cable also allows changes to the power supply's configuration, which could be a dangerous tool for hackers.
As mentioned before, all the voltages can be changed as well as the current limit. In fact, the current limiting function can be disabled entirely. Of course, the power supply can't safely deliver an unlimited amount of current, so disabling the current limit is highly inadvisable. The current limit protects against connecting too many components or a component failing shorted. If there is no current limit, and a component fails shorted, the power supply could literally catch fire.
As a test, we took one of Kell's newer computers, set a system password, and installed the newest anti-virus software as well as a firewall. Then we wrote a script on another computer that set all the voltages to 12 and disabled the current limit. We put the program on a jump drive, disguised as an image file. The anti-virus program read the image and determined that it wasn't really an image and flagged it as a potential virus. Fair enough. Then, we disabled the anti-virus software. Almost immediately, the screen went blank. A few seconds later, we heard several pops and crackles, and smoke began to come out of the back of the computer. Before we could even pull the plug, flames had begun to come out of the computer and we had to hit the computer with a fire extinguisher.
This makes checking your antivirus software more important than ever. No longer is it simply a matter of potential loss of data, someone remotely snatching your credit card information, or accessing your bank account. Antivirus software on Kell computers could literally be a matter of life and death.
Of course, a hacker could also lower the voltages or the current limit, causing the computer to simply stop working. This would necessitate a service call or opening up the computer to reset the voltages to the proper ones. These voltages can be found printed on the motherboard. Doing this at home would require another working computer, since the power supply is programmed via USB or the data cable to the motherboard.
There are thousands of Kell computers across the globe since they offer some of the best deals to schools and businesses. This is quite a scary thought when you consider the security risk we just proved to be very real. A terrorist could fire-bomb an entire building without ever setting foot inside. Someone could also snatch someone's credit card info and then, to create a diversion, set the computer on fire. Having to make insurance claims and move to another house would probably make most people forget to check their credit card records for quite a while.
Kell has used this dangerous power supply for over a year, and this vulnerability has been brought up several times on the support boards, but mostly as "what if" kind of posts. With all the desktop computers Kell currently sells, there have only been 3 reported cases of computers emitting smoke, but no full-blown fires have occurred so far. These reports were on 3 different models of computers. Since a full backup had been kept of all the computers affected, no attempt was made to recover any data from the hard drives. The only statement Kell had to make: "Our policy is that unless property damage or any injury, however minor, occurs, it takes 2 incident reports on the same model of computer to trigger an investigation, and 5 incidents to trigger an automatic recall."
Kell may indeed see hundreds of incidents at once should someone become irate after losing their job or failing a test, for example. In our opinion, just one incident of smoke or fire should trigger an investigation. We find it unbelievable that Kell doesn't see the potential for a lawsuit if one of their computers causes a fire. It would be very difficult to prove that a virus caused the fire after the fact, since the hard drive would be damaged beyond reading by normal means. An electronics engineer comments: "They should have had a switch inside the power supply that locks the voltage and the current limit. Although I'm no programmer, I think it should have been trivial to only allow the internal USB port to change the voltages. There's no reason to be able to change those on the fly, other than to overclock the processor. I feel that a person who's overclocking is already tampering, so I don't think they'd mind flipping a switch inside the computer in order to do it. For the current products, I think a software update, however complicated, is in order, if not a full-blown recall of the computers using this power supply."
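The engineer's two suggestions (a physical lock switch, and configuration writes accepted only from the internal USB port) can be sketched as a firmware-side gate that also refuses to disable the current limit. This is an added example, not Kell's firmware; every name, the three-rail layout and the current ceiling are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>

/* All identifiers are hypothetical; this is not Kell's firmware or protocol. */
enum cfg_source { SRC_INTERNAL_USB, SRC_DATA_CABLE };
enum cfg_result { CFG_OK, CFG_DENIED_SOURCE, CFG_DENIED_LOCKED,
                  CFG_BAD_VOLTAGE, CFG_BAD_LIMIT };

#define NUM_RAILS   3
#define MIN_MV      3000   /* article: outputs adjustable from 3 V ... */
#define MAX_MV      12000  /* ... up to 12 V */
#define MAX_SAFE_MA 20000  /* assumed hardware ceiling for the current limit */

struct psu_config {
    uint16_t rail_mv[NUM_RAILS];
    uint32_t current_limit_ma;  /* 0 would mean "limit disabled" */
};

/* Unprogrammed state: 3 V on every output (limit value is an assumption). */
struct psu_config psu_factory_default(void)
{
    struct psu_config c = { {MIN_MV, MIN_MV, MIN_MV}, 1000 };
    return c;
}

/* Validate a requested configuration before it is applied.
 * lock_engaged mirrors a physical switch inside the supply's case. */
enum cfg_result psu_apply_config(struct psu_config *active,
                                 const struct psu_config *req,
                                 enum cfg_source src, bool lock_engaged)
{
    /* The host-reachable data cable is telemetry only: never accept writes. */
    if (src != SRC_INTERNAL_USB)
        return CFG_DENIED_SOURCE;
    /* Even the internal port is refused while the switch is locked. */
    if (lock_engaged)
        return CFG_DENIED_LOCKED;
    for (int i = 0; i < NUM_RAILS; i++)
        if (req->rail_mv[i] < MIN_MV || req->rail_mv[i] > MAX_MV)
            return CFG_BAD_VOLTAGE;
    /* The limit may be adjusted up to the ceiling but never switched off. */
    if (req->current_limit_ma == 0 || req->current_limit_ma > MAX_SAFE_MA)
        return CFG_BAD_LIMIT;
    *active = *req;  /* commit only after every check has passed */
    return CFG_OK;
}
```

With this gate, software running on the host cannot change the rails at all, and a technician with the case open still cannot remove the overcurrent protection.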
If you own a Kell computer, make it a habit to check for antivirus updates daily. Although this should be a rule for any computer, it's especially important when you consider the potential damage a virus could do when the voltages of the power supply can be changed in software. Kell has actually updated its warranty information. They now state that "To be eligible for warranty service, you must have antivirus software and keep it up to date. Failure to keep updated antivirus software running on your computer at all times will render the hardware warranty null and void."
Kell apparently has denied responsibility for this security risk, which is clearly a result of short-sighted design work. Power supplies should not be something that can be damaged by a virus. In fact, no hardware of any kind should ever be possible to damage via software. Sure, you can "brick" a motherboard by messing with the BIOS, but even this isn't permanent if you have the right equipment to re-write the BIOS. Kell has left thousands of businesses and schools open to terrorism or acts of revenge by angry people. Kell does not appear to be doing anything to solve the issue once and for all. There is simply no excuse for this.